GRC consultant at Unitas in Aarhus North (Lystrup)
Are you a dedicated GRC consultant with a passion for information security? It may be that you are currently working in a large consultancy and have become somewhat tired of the culture there.
Would you like to work with colleagues who, through their professional specialties, focus on delivering the best solutions to customers?
Do you miss being part of a team that daily infects each other with good energy, knowledge and ideas, and that has an understanding of the team's overall strength and ability to deliver services and products of very high quality?
So read more below.
Unitas is a well-run company that specializes in information security, IT law and compliance.
Unitas was established in 2019 by Morten Schaumann and Jacob Georg Naur. With their many years of experience as IT security consultant and lawyer, they wanted, in short, to build a bridge between IT and law. The vision was then as now, that Unitas must be the customers' preferred external information security and compliance department.
The management style i Unitas is relaxed, and Morten and Jacob are also active as consultants themselves. Though Unitas is a relatively young company, there is a great focus on employee and team development. We can only do well in a very changeable market if we constantly learn and develop both individually and collectively.
Unitas today consists of 12 consultants and is now looking for more colleagues.
The working environment at Unitas
In everyday life at the office, we are very social, help each other, engage in a number of joint activities and generally have a lot of fun, but we never lose sight of the academic or professional work.
IT equipment and digital tools are of high quality. The same is true of the physical environment, which contributes to job satisfaction, which is crucial to our success. You will experience great freedom under responsibility. We create an open dialogue through informal conversations where we share knowledge and support each other. We believe that good results are best achieved through collaboration and sharing of successes.
You will have great freedom to work at home, with customers or at the workplace in Lystrup. However, as a general rule, you must attend the office on Monday and Friday.
As a GRC consultant at Unitas will you play a central role in ensuring that our customers comply with applicable regulations such as NIS 2, DORA, GDPR etc. You will be part of dynamic teams where you will have the opportunity for professional sparring with like-minded people. We offer a position with great influence where you can help build something meaningful - both for our customers and for Unitas.
Example of a typical task
A common task involves, for example, a project within NIS 2, where you lead one or more workshops for the management and/or board of directors as well as system owners at the customer in a small or large Danish or international company. As you can read, the customer portfolio is wide ranging, so as a consultant you also need to be able to handle the different cultures and norms of the customers.
You then plan in collaboration with the customer - and, if necessary, a project manager from Unitas – the further delivery of, for example, policies, procedures and tools as well as the execution of management education, awareness training, auditing, scans and tests and more, depending on the customer's needs and level of maturity.
You will thus have to write information security policies and procedures in accordance with a wide range of frameworks, including ISO, NIST, CMMC, CIS, ISAE3402/3000, etc. You will of course be supported by your colleagues in your work. For example, it is common for us to carry out a CIS Controls/CIS18 analysis so that you have a basis for evaluating the customer's current needs as well as advising on the results of the analysis and integrating them as proposals for improving existing policies and technical measures. You will naturally also discuss the technical measures with the appropriate specialists at Unitas.
In the ISMS-supporting IT system (GRC system), you document the customer's systems, risks and the actions taken to reduce risks.
As a natural part of your work, you must report to the customer's management. It may be that you have to attend a board meeting or two, where you will be allowed to present the results of the preliminary work and make recommendations for the next steps. As you know, information security and compliance work is an ongoing task.
For some customers, they will want to hand over operational responsibility for information security to Unitas. In these situations, the task ends with you handing over the work to Unitas' service department, which then takes over the annual wheel tasks, so that the customer's needs are met for the future.
During the course of the assignment, you typically collaborate with 2-3 colleagues throughout the entire process. Together you cover the overall task, so that you get the opportunity to use your core competences as best as possible and get support in areas outside your core competences from skilled colleagues.
We are looking for an employee who can contribute with:
Minimum 2-3 years of practical experience within the GRC area, preferably in a consulting role
One or more relevant educations or certifications, e.g. ISO27001 Lead Implementer / Lead auditor, CISA or similar.
The ability to handle tasks and make decisions independently, but also the ability to function in teams of 2-4 people on a task
Excellent communication skills in Danish and English (we live by being able to write)
Flexibility in connection with consulting tasks throughout the country, even if much can be solved remotely
Opportunity for professional sparring and development at a high level
Great influence on own tasks and areas of responsibility
Short path from idea to action and room for good ideas
Minimal administration and limited time tyranny
Good lunch arrangement
Possibility to participate in frequent social events, fitness, padel etc
Possibility of flexible working hours, possibly less than 37 hours per week
Although we are not a large company, our finances are solid and we have all formal aspects under control such as pension, homework and modern tools. We are located in Lystrup near Aarhus and work every day to be preferred by public and private organisations, where we act as their outsourced information security and compliance department.
Send your CV or a link to your LinkedIn profile to firstname.lastname@example.org. If you have any questions about the position, please send us an email with your contact details and we will contact you.
We treat all applications confidentially, and applicants are processed on an ongoing basis. We look forward to welcoming you as part of Unitas!